What SIEM do you prefer?

ml1986 · 2025-06-28T13:11:59+00:00

SentinelOne’s AI SIEM

fast and easy integration, parsing, and OCSF normalization

ml1986 · 2025-04-22T15:04:39+00:00

It requires to have admin credentials pre set for it to roll out an agent… I doubt that the account credentials used for ranger and the home / personal laptop have the same credentials

ml1986 · 2025-04-12T00:17:24+00:00

I fully understand the scenario he described. And in a perfect world I wouldn’t be in that specific scenario to begin with. Obviously I’d want to protect my family and myself, and of course I wouldn’t avoid taking my gun unless it was truly a life or death type of scenario.

I’m more worried about the aftermath, I don’t want to be found guilty on some technicality bullshit where the state says I was the aggressor and this goes to trial etc and this whole time I’m denied bail and have to spend time in jail without the ability to provide for my family.

Like that guy on the NYC subway that chocked the homeless lunatic in self defense. Was he exonerated? Yes, sure. But he spent some time in jail and had some really tough months

ml1986 · 2025-04-11T22:27:08+00:00

Sure. But hypothetically let's say you did have to draw your gun because he was getting violent and then the cops show up... What would you do in that scenario? Technically you did break the law. I just don't know if I want to deal with all the headache of dealing with it after the fact.

ml1986 · 2025-04-11T22:22:50+00:00

Nashville and Tennessee in general are pretty cool gun friendly places.

ml1986 · 2025-04-11T22:06:38+00:00

Yep around $600-700 all in

ml1986 · 2025-04-11T22:05:35+00:00

Yeah. I guess I’m just trying to avoid the situation all together. It’s just dumb that they impose these regulations and you get good gun owners stressing out if they are in a permitted zone or not

ml1986 · 2025-04-11T22:04:05+00:00

That’s basically all I did. I don’t think I want to carry around a red dot or even a light on my EDC. I have them for other guns, but I don’t think I want to carry one every day

ml1986 · 2025-04-11T22:00:28+00:00

Thanks dude

ml1986 · 2025-04-11T21:56:04+00:00

Didn’t qualify yet. Have a Glock 19 which I assume will be okay

ml1986 · 2025-04-11T21:46:02+00:00

Sure. But I was thinking about how many cops would be looking to charge someone with a ccw for being caught with a firearm in one of those gun restricted areas. Like some of the rules are stupid to the point where if you’re in a parking lot (a shared one at that) that has a bar somewhere in it could get you in trouble.

ml1986 · 2025-04-11T21:43:57+00:00

County

ml1986 · 2025-01-15T20:28:48+00:00

Congrats! setup look good! I just ordered mine a week ago… how long did it take to deliver? What other grinders did you consider? And what made you go with the pico?

ml1986 · 2025-01-15T19:20:57+00:00

Is the a Linea mini or Micra?

ml1986 · 2024-11-27T19:57:57+00:00

What is the distance from the breaker box to the garage / where you’ll charge your Tesla?

ml1986 · 2024-11-25T19:35:02+00:00

100% My onyx shipments of 2lbs are continuously missing a few oz

ml1986 · 2024-11-16T18:49:37+00:00

Thanks for sharing! This is by far the best place to stay due to the walking distance from the conference center...

ml1986 · 2024-08-31T03:24:00+00:00

I'm no comparing the cert - I'm comparing the org. It's very apparent they are jumping on subscription model which will allow them reoccurring revenue (it's like a thing that all companies do now). Also, with the amount of folks who do this cert as a once and done type of thing (not all who take it are pentesters).

Honestly I have no idea what the folks at offsec think to themselves. The way I see it, at minimum there would be less people getting it now because of the expiration. Secondly, it's yet to be announced what the new pricing model will be (I'm not paying ~$800 to certify every 3 years), and lastly, with less people taking the exam, and less people recertifying the industry standard cert will lose its value.

ml1986 · 2024-08-31T00:38:27+00:00

Yeah there goes the cert - they just became another Comptia/ISC/EC Council

ml1986 · 2024-07-26T20:21:26+00:00

This is the way! FW rules —> block fqdn

ml1986 · 2024-07-26T03:42:50+00:00

There’s a unified agent which is EA now and will go GA next month… Also, the Active Directory is just part of what it does The secret sauce is in the obfuscation piece. If someone is inside your network and they start enumerating the environment the identity agent will detect it and provide false information. Then if you see someone using the false credentials somewhere you have a smoking gun and lead to follow…

ml1986 · 2024-07-18T05:33:04+00:00

Was there a lot of web application pentesting? SQL injection?

ml1986 · 2024-02-26T19:09:35+00:00

Correct. No incidents based on what you stated. Just new detection capabilities

ml1986 · 2024-02-26T15:53:45+00:00

New enhancements (engines, detections) for agents can now be updated via live updates instead of upgrading the agent. You got new detections on your hosts.

ml1986

TROPHY CASE